When it comes to protecting their hospital organizations against the consequences of natural disasters, healthcare CIOs and IT executives are faced with a tightening vise of challenges. On the one hand, as hospital-based organizations increasingly implement electronic medical records (EMR) and other advanced clinical information systems, they are coming to accept the idea that moving to implement solid disaster recovery and business continuity plans is no longer an option, but a requirement.
On the other hand, the very expense of implementing enterprise-wide clinical information systems is straining already-straightened IT budgets, and making it harder to pull together the resources needed to create disaster recovery plans backed by solid technological supports.
But industry experts warn that disasters, such as Hurricane Katrina and the northeastern power blackout of several years ago, have the potential to create havoc in automated organizations that don't have rigorous plans already in place.
Industry experts agree that healthcare is under-prepared for natural disasters compared with other industries, such as financial services, and they warn that the lessons of the recent past may not have been learned.
"The IT people must have their IT strategy synchronized with the operationally focused business continuity planning that must take place at the executive level. And then, obviously, the executives need to fund it appropriately," says Rob Faix, practice leader for advanced infrastructure services at Long Beach, Calif.-based First Consulting Group. "If there's going to be a breakdown anywhere in this process, that's likely where it will be. Disaster recovery can be quite costly, and in times of tight budgets, there can be underfunding."
In fact, says the Youngstown, Ohio-based Faix, the needs are becoming more insistent rather than less, because with EMR, computerized provider order entry (CPOE) and PACS, the need for recovery time goes down from a matter of hours to a matter of minutes, as organizations go paperless or nearly so.
The gap between the disaster recovery plans that hospital-based organizations have created and the downtime-prevention needs of clinicians and other frontline hospital personnel is deeply concerning, says Ben Thornton, director of business continuity and disaster recovery in the consulting practice at Optimus Solutions, Norcross, Ga.
"We've worked on recovery strategies and plans with our hospital clients for years, but I'm not yet really seeing the ignition that is needed as a result of the shift towards automation, but it has to take place," says Thornton.
Basic inertia in healthcare remains a core problem, he reflects. "There's this general expectation," he says, "that when a big event like Katrina happens, people will wake up and smell the coffee, and get moving forward. But whether you're talking about Katrina, the Northeast blackout, or Sept. 11, if there is a frenzy, it tends to be very short-lived. The other issue is budget."
Until hospital executives address the inflexibility of their budgeting processes and make room for stepped-up planning for disaster recovery for clinical information system downtime, hospitals and their patients will remain at risk, he says.
There are exceptions to this broad-based gap in hospital organizations, of course. Following are examples of healthcare providers whose executive and clinician leaders have learned from past experiences and from industry experience in general, and are putting in place disaster recovery plans that ensure patient care and other essential hospital operations will go on, whether their organizations face earthquakes, hurricanes, tornados, flooding, snow and ice blizzards, heat calamities, power outages, or other disasters. — M.H.
